Combiners for Chosen-Ciphertext Security

  • Cong Zhang
  • David Cash
  • Xiuhua Wang
  • Xiaoqi Yu
  • Sherman S. M. ChowEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9797)


Security against adaptive chosen-ciphertext attack (CCA) is a de facto standard for encryption. While we know how to construct CCA-secure encryption, there could be pragmatic issues such as black-box design, software mis-implementation, and lack of security-oriented code review which may put the security in doubt. On the other hand, for double-layer encryption in which the two decryption keys are held by different parties, we expect the scheme remains secure even when one of them is compromised or became an adversary. It is thus desirable to combine two encryption schemes, where we cannot be assured that which one is really CCA-secure, to a new scheme that is CCA-secure. In this paper we propose new solutions to this problem for symmetric-key encryption and public-key encryption. One of our result can be seen as a new application of the detectable CCA notion recently proposed by Hohenberger et al.  (Eurocrypt 2012).


Encryption Chosen-ciphertext security Robust combiners 


  1. 1.
    Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). doi: 10.1007/3-540-44448-3_41 CrossRefGoogle Scholar
  2. 2.
    Chow, S.S.M., Boyd, C., Nieto, J.M.G.: Security-mediated certificateless cryptography. In: Public Key Cryptography (PKC), pp. 508–524 (2006). Google Scholar
  3. 3.
    Chow, S.S.M., Roth, V., Rieffel, E.G.: General certificateless encryption and timed-release encryption. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 126–143. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85855-3_9 CrossRefGoogle Scholar
  4. 4.
    Cramer, R., Hanaoka, G., Hofheinz, D., Imai, H., Kiltz, E., Pass, R., Shelat, A., Vaikuntanathan, V.: Bounded CCA2-secure encryption. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 502–518. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-76900-2_31 CrossRefGoogle Scholar
  5. 5.
    Dodis, Y., Katz, J.: Chosen-ciphertext security of multiple encryption. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 188–209. Springer, Heidelberg (2005). doi: 10.1007/978-3-540-30576-7_11 CrossRefGoogle Scholar
  6. 6.
    Harnik, D., Kilian, J., Naor, M., Reingold, O., Rosen, A.: On robust combiners for oblivious transfer and other primitives. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 96–113. Springer, Heidelberg (2005). doi: 10.1007/11426639_6 CrossRefGoogle Scholar
  7. 7.
    Herzberg, A.: Folklore, practice and theory of robust combiners. J. Comput. Secur. 17(2), 159–189 (2009). doi: 10.3233/JCS-2009-0336 CrossRefGoogle Scholar
  8. 8.
    Hohenberger, S., Lewko, A., Waters, B.: Detecting dangerous queries: a new approach for chosen ciphertext security. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 663–681. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_39 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Cong Zhang
    • 1
  • David Cash
    • 1
  • Xiuhua Wang
    • 2
  • Xiaoqi Yu
    • 3
  • Sherman S. M. Chow
    • 2
    Email author
  1. 1.Department of Computer ScienceRutgers UniversityNew BrunswickUSA
  2. 2.Department of Information EngineeringThe Chinese University of Hong KongSha TinHong Kong
  3. 3.Department of Computer ScienceThe University of Hong KongPok Fu LamHong Kong

Personalised recommendations